package com.leyou.gateway.config;

import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

import java.util.List;

@Data
@Configuration
@ConfigurationProperties(prefix = "ly.cors")
public class GlobalCORSConfig {

    private List<String> allowedOrigins;
    private Boolean allowedCredentials;
    private List<String> allowedMethods;
    private List<String> allowedHeaders;
    private Long maxAge;
    private String filterPath;

    @Bean
    public CorsFilter corsFilter() {
        //1.添加CORS配置信息
        CorsConfiguration config = new CorsConfiguration();
        //1) 允许的域,不要写*，否则cookie就无法使用了
        allowedOrigins.forEach(config::addAllowedOrigin);
        //2) 是否发送Cookie信息
        config.setAllowCredentials(allowedCredentials);
        //3) 允许的请求方式
        allowedMethods.forEach(config::addAllowedMethod);
        // 4）允许的头信息
        allowedHeaders.forEach(config::addAllowedHeader);
        // 5）有效期
        config.setMaxAge(maxAge);

        //2.添加映射路径，我们拦截一切请求
        UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
        configSource.registerCorsConfiguration(filterPath, config);

        //3.返回新的CORSFilter.
        return new CorsFilter(configSource);
    }
}